RatSec

RatSec Blog

The top 20 network exploiting techniques

- Posted in Uncategorized by

The top 20 network exploiting techniques:

  1. Port Scanning: This is the process of scanning a network to find open ports.
  2. Banner Grabbing: This technique is used to gather information about a computer system on a network and the services running on its open ports.
  3. Service Enumeration: This involves identifying network services running on a host and the associated ports.
  4. Vulnerability Scanning: This is the process of scanning a network to identify potential vulnerabilities.
  5. ARP Poisoning: This is a type of attack in which an attacker sends falsified ARP (Address Resolution Protocol) messages over a local area network.
  6. Man-in-the-Middle Attack: This is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
  7. Denial of Service (DoS) Attack: This is an attack where the attacker floods the victim's network with traffic to make it unavailable to its users.
  8. Distributed Denial of Service (DDoS) Attack: This is a type of DoS attack where multiple compromised systems are used to target a single system.
  9. Packet Sniffing: This is the process of monitoring network traffic, usually for the purpose of gathering information.
  10. Session Hijacking: This is an attack where an attacker takes over a session between a client and a server.
  11. DNS Spoofing: This is a type of computer attack wherein a user is forced to navigate to a fake website disguised as a real one, and the user's input is then stolen by the attacker.
  12. SQL Injection: This is an attack where an attacker can execute malicious SQL statements.
  13. Cross-Site Scripting (XSS): This is a type of computer security vulnerability typically found in web applications.
  14. Cross-Site Request Forgery (CSRF): This is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
  15. Clickjacking: This is an attack where an attacker tricks a user into clicking on a hidden link.
  16. Buffer Overflow: This is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
  17. Session Fixation: This is an attack that permits an attacker to hijack a valid user session.
  18. LDAP Injection: This is a type of security exploit that is used to compromise the authentication process used by some websites.
  19. Buffer Overflow: This is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.
  20. Format String Attack: This is a type of software vulnerability discovered around 2000 that can be used in security exploits.